[clug] [OT] all text passwords == secure?
Sam Couter
sam at couter.id.au
Mon Aug 27 06:12:18 MDT 2012
Angus Gratton <gus at projectgus.com> wrote:
> The best thing about using a password manager is zero password reuse (or
> password similarity), so password leaks or bad password storage
> practices have a much lower potential impact. The worst thing is that
> you have all your eggs in one basket, so to speak.
Depending on your password manager, that's an exremely low risk:
Passwords should be stored locally and the program should have no direct
remote attack vectors.
> There's a Sydney-based Microsoft MVP (I know, I know) called Troy Hunt
> who has written some posts about password management that I think are
> pretty good:
>
> http://www.troyhunt.com/2011/03/only-secure-password-is-one-you-cant.html
That article is pretty good, but it completely fails to mention how to
generate the master password for the password manager.
--
Sam Couter | mailto:sam at couter.id.au
OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/linux/attachments/20120827/8ce1ba57/attachment.pgp>
More information about the linux
mailing list